Described below is a method and a proxy server for providing a mobile key for the cryptographic protection of mobile signaling messages for a home agent of a mobile radio network, especially for anonymous subscribers.
The Internet with the TCP/IP protocol enables a platform for the development of higher protocols for the mobile area. Because the Internet protocols are widespread, it is possible by suitable protocol expansions to open up a large group of subscribers for mobile environments. The Internet protocols were, however, not originally designed for mobile use. In the packet-switching of the Internet, the packets are exchanged between stationary computers which neither change their network address nor roam between different subnetworks. With mobile radio networks with mobile computers, mobile computers MS are frequently linked to various networks. The DHCP (Dynamic Host Configuration Protocol) enables the dynamic assignment of an IP address and other configuration parameters to a computer in a network with the aid of a suitable server. A computer which is linked into a network is automatically assigned a free IP address by the DHCP protocol. If a mobile computer has DHCP installed, it need only come within the range of a local network which supports the configuration by the DHCP protocol. With the DHCP protocol, a dynamic address allocation is possible, i.e. a free IP address is automatically allotted for a specific time. After this time has elapsed, the request must be renewed by the mobile computer; otherwise the IP address can be allocated elsewhere.
By using DHCP, the mobile computer can be linked into a network without manual configuration. The only precondition is that a DHCP server must be available. A mobile computer can thus use the services of the local network and, for example, use centrally stored files. If, however, a mobile computer itself offers services, a potential service subscriber cannot find the mobile computer because its IP address changes in each network to which the mobile computer is linked. The same thing occurs if an IP address changes during an existing TCP connection. This leads to a break-off of the connection. Therefore, with Mobile IP a mobile computer is assigned an IP address which it also retains in a different network. With a known IP network change, it is necessary to adapt the IP address settings accordingly. However, a manual continuous matching of IP and routing configurations on the terminal is almost impossible. With the known automatic configuration mechanisms, the existing connection is broken off on a change of IP address. The Mobile Internet Protocol (MIP) (RFC 2002, RFC 2977, RFC 3344, RFC 3846, RFC 3957, RFC 3775, RFC 3776, RFC 4285) supports the mobility of mobile terminals. With known IP protocols, the mobile terminal has to adapt its IP address each time it changes the IP subnetwork, so that the data packets addressed to the mobile terminal can be correctly routed. To maintain an existing TCP connection, the mobile terminal has to retain its IP address, because an address change leads to an interruption in the connection. The MIP protocol resolves this conflict in that it enables a mobile terminal or a mobile node (MN) to have two IP addresses. The MIP protocol enables a transparent connection between both addresses, i.e. a permanent home address and a second temporary care-of address. The care-of address is the IP address under which the mobile terminal can currently be reached.
A home agent is an agent of the mobile terminal as long as the mobile terminal is not located in the original home network. The home agent is continuously informed of the current location of the mobile computer. The home agent normally constitutes a component of a router in the home network of the mobile terminal. If the mobile terminal is located outside the home network, the home agent provides a function to enable the mobile terminal to log on. The home agent then forwards the data packets addressed to the mobile terminal to the actual subnetwork of the mobile terminal.
A foreign agent is located in the subnetwork in which the mobile terminal moves. The foreign agent forwards incoming data packets to the mobile terminal or to the mobile computer. The foreign agent is located in a visited network. The foreign agent normally constitutes a component of a router. The foreign agent routes all administrative mobile data packets between the mobile terminal and its home agent. The foreign agent unpacks the tunneled IP data packets transmitted from the home agent and forwards their data to the mobile terminal.
The home address of the mobile terminal is the address under which the mobile terminal can be permanently reached. The home address has the same address prefix as the home agent. The care-of address is the particular IP address that the mobile terminal uses in the visited network.
The home agent manages a mobility binding table (MBT). The purpose of the entries in this table is to assign the two addresses of a mobile terminal, i.e. the home address and the care-of address, to each other and to reroute the data packets accordingly. The MBT table contains entries of the home address, the care-of address and details of the lifetime during which this assignment is valid. FIG. 1 shows an example of a mobility binding table according to the related art.
The foreign agent (FA) contains a visitor list (VL) containing information on the mobile terminals that are presently in the IP network of the foreign agent. FIG. 2 shows an example of such a visitor list according to the related art.
So that a mobile computer can be linked into a network, it must first determine whether it is in its home network or a visited network. In addition, the mobile terminal must find out which computer in the subnetwork is the home or foreign agent. This information is determined by the so-called agent discovery.
By the succeeding registration, the mobile terminal can inform its home agent of its current location. To do this, the mobile computer or mobile terminal sends the current care-of address to the home agent. For registration, the mobile computer sends a registration request to the home agent. The home agent (HA) enters the care-of address in its list and answers with a registration reply. This of course gives rise to a security problem. Because in principle each computer can send a registration request to a home agent, it would be quite easy to pretend to a home agent that a computer has moved to a different network. In this way, a foreign computer could collect all the data packets of a mobile computer or mobile terminal without a sender knowing. To prevent this, the mobile computer and the home agent have a common secret key. If a mobile computer returns to its home network, it deregisters with the home agent, because the mobile computer can henceforth itself receive all the data packets. A mobile radio network must have the following main security properties. Information may be made accessible only to desired communication partners, i.e. unwanted listeners must not obtain access to transmitted data. The mobile radio network must thus have the property of confidentiality. Furthermore, authenticity must be ensured. Authenticity enables a communication partner to establish without doubt whether a communication has actually been established to a desired communication partner or whether a foreign party has pretended to be a communication partner. Authentication can be carried out per message or per connection. If authentication is based on connections, the communication partner is identified only once at the start of a session. It is then assumed for the further course of the session that the succeeding messages continue to originate from the corresponding sender. Even if the identity of a communication partner is established, i.e. the communication partner has been authenticated, the case can arise where this communication partner is not allowed to access all the resources or allowed to use all the services via the network. A suitable authorization in this case assumes a prior authentication of the communication partner.
With mobile data networks, messages have to cover longer sections via air interfaces and are thus easily accessible to potential attackers. With mobile and wireless data networks security aspects therefore play a particular role. Encryption techniques are an essential means for increasing security in data networks. Encryption makes it possible to transmit data via unsecured communication paths, for example via air interfaces, without the data being accessed by unauthorized third parties. For encryption, the data, i.e. the clear text, is transformed into ciphertext with the aid of an encryption algorithm. The encrypted text can be transmitted via the unsecured data transmission channel and then decoded or deciphered.
As a very promising wireless access technology, Worldwide Interoperability for Microwave Access (WiMax) is proposed as a new standard which is used for the IEEE 802.16 radio transmission. By using WiMax it should be possible for transmitting stations to cover an area of up to 50 km with data rates of more than 100 Mbit per second.
FIG. 3 shows a reference model for a WiMax radio network. A mobile terminal MS is located within the area of an Access Serving Network (ASN). The access network ASN is connected to a Home Connectivity Service Network (HCSN) by at least one Visited Connectivity Service Network (VCSN) or intermediate network. The various networks are connected to each other by interfaces or reference points R. The home agent HA of the mobile station (MS) is located in the home network HCSN or in one of the visited networks VCSN.
WiMax supports two realization variants of mobile IP, called Client MIP (CMIP) with which the mobile station itself realizes the MIP client function, and Proxy MIP (PMIP), with which the MIP client function is realized by the WiMax access network. The functionality provided for this in the ASN is called the Proxy Mobile Node (PMN) or PMIP client. In this way, MIP can also be used with mobile stations that do not themselves support MIP.
FIG. 4 shows a connection set-up with Proxy MIP according to the related art if the home agent is located in the visited network.
After establishment of a radio connection between the mobile terminal and a base station, an access authentication first takes place. The functions of authentication, authorization and accounting are performed by so-called AAA servers (AAA: Authentication, Authorization and Accounting). Authentication messages, by which the address of the home agent and an authorization key are obtained, are exchanged between the mobile terminal MS and the AAA server of the home agent (HAAA). The authentication server in the home network contains the profile data of the subscriber. The AAA server receives an authentication request message that contains a subscriber identification of the mobile terminal. After successful access authentication, the AAA server generates a master session key (MSK) to protect the data transmission section between the mobile terminal MS and the base station of the access network ASN. This MSK key is transmitted from the AAA server of the home network via the intermediate network CSN to the access network ASN.
After the access authentication, the DHCP proxy server is configured in the access network ASN, as shown in FIG. 4. If the IP address and the host configuration are already contained in the AAA reply message, the complete information is downloaded to the DHCP proxy server.
After successful authentication and authorization, the mobile station, or the mobile terminal, MS sends a DHCP discovery message and an IP address assignment takes place.
If the access network ASN supports both PMIP and CMIP mobility, the foreign agent informs the ASN handover function by sending an R3 mobility context message. This can be omitted for networks that support only PMIP. After the home address has been read, it is forwarded to the PMIP client.
An MIP registration then takes place. The home agent is informed of the current location of the mobile terminal by the registration. For registration, the mobile computer sends the registration request, which contains the current care-of address, to the home agent. The home agent enters the care-of address in a list managed by the home agent and responds with a registration reply. Because in principle any computer can send registration requests to a home agent, it is easy to pretend to a home agent that a computer has moved to a different network. To prevent this, the mobile computer and also the home agent have a common secret key, i.e. an MIP key. If the home agent (HA) does not know the MIP key, it requests it from the home AAA server with which it is in communication.
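The registration exchange and the mobility binding table described above (the shared MIP key protecting the registration request, the care-of address entry with its lifetime, and deregistration on return home), as an added example that is not part of the original text. It assumes a simplified message layout with HMAC-SHA256 and a strictly increasing identification counter for replay protection; this is an illustration, not the RFC 3344 wire format or its authentication extension.

```python
import hashlib
import hmac
import socket
import struct

# Constructed example: a simplified Mobile IP registration exchange. The request
# carries home address, care-of address, lifetime and an identification counter,
# all covered by an HMAC under the MIP key shared by mobile node and home agent.
# Field layout and HMAC-SHA256 are assumptions, not the RFC 3344 wire format.
FMT = "!4s4sIQ"          # home addr, care-of addr, lifetime (s), identification
BODY_LEN = struct.calcsize(FMT)


def make_request(mip_key: bytes, home: str, care_of: str, lifetime: int, ident: int) -> bytes:
    """Build an authenticated registration request (lifetime 0 = deregistration)."""
    body = struct.pack(FMT, socket.inet_aton(home), socket.inet_aton(care_of), lifetime, ident)
    return body + hmac.new(mip_key, body, hashlib.sha256).digest()


class HomeAgent:
    def __init__(self, mip_keys: dict):
        self.mip_keys = mip_keys          # home address -> shared MIP key
        self.binding_table = {}           # MBT: home address -> (care-of, expiry time)
        self.last_ident = {}              # highest identification seen per home address

    def register(self, msg: bytes, now: int) -> str:
        """Process a registration request; returns the registration reply outcome."""
        body, auth = msg[:BODY_LEN], msg[BODY_LEN:]
        home_raw, coa_raw, lifetime, ident = struct.unpack(FMT, body)
        home, care_of = socket.inet_ntoa(home_raw), socket.inet_ntoa(coa_raw)
        key = self.mip_keys.get(home)
        if key is None:                   # no MIP key available for this subscriber
            return "rejected: unknown subscriber"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, auth):
            return "rejected: authentication failed"   # forged or tampered request
        if ident <= self.last_ident.get(home, 0):
            return "rejected: replay"     # identification must strictly increase
        self.last_ident[home] = ident
        if lifetime == 0:                 # mobile node back in its home network
            self.binding_table.pop(home, None)
        else:
            self.binding_table[home] = (care_of, now + lifetime)
        return "accepted"

    def lookup(self, home: str, now: int):
        """Care-of address to tunnel packets for `home` to, or None if no valid binding."""
        entry = self.binding_table.get(home)
        if entry is None or entry[1] <= now:
            return None
        return entry[0]
```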
On completion of the connection setup shown in FIG. 4, the mobile terminal will have received a home address and will be registered with the home agent.
The connection setup shown in FIG. 4 is of course not possible if the home AAA server does not supply the attributes or data expected by the WiMax protocol. If, for example, the home AAA server is a 3GPP server or other AAA server that does not support WiMax interworking, it will therefore not be able to provide the data attributes, especially the home address and a cryptographic key, necessary for the MIP registration. The home agent HA does not receive an MIP key (MSK: Master Session Key) and rejects the subscriber.